DON'T WANT TO MISS A THING?

Certification Exam Passing Tips

Latest exam news and discount info

Curated and up-to-date by our experts

Yes, send me the newsletter

Optimize Your Cisco 350-401 ENCOR Exam Preparation with Reliable Study Resources

Preparing for the Cisco 350-401 ENCOR certification exam requires a comprehensive approach utilizing various study materials and exam resources. Mock exams and practice tests are invaluable tools that simulate the actual exam environment, allowing you to gauge your readiness and identify areas that need further attention. Reputable online platforms offer a wide range of exam questions and answers that closely mirror the real ENCOR exam questions. These test questions cover the entire exam curriculum, including network fundamentals, network access, IP connectivity, IP services, security fundamentals, and automation and programmability. By consistently practicing with these exam questions, you can reinforce your understanding of key concepts and develop effective problem-solving strategies. Additionally, it's essential to supplement your preparation with official Cisco study guides, training courses, and other exam resources. These materials provide in-depth explanations, real-world scenarios, and expert insights, ensuring you have a solid grasp of the topics covered in the ENCOR exam. Consistent exam preparation, combined with regular mock exam practice, will increase your chances of successful passing and earning this coveted Cisco certification.
Take other online exams

Question #1
Refer to the exhibit. An engineer must create a configuration that executes the show run command and then terminates the session when user CCNP logs in.Which configuration change is required?
A. dd the access-class keyword to the username command
B. dd the autocommand keyword to the aaa authentication command
C. dd the access-class keyword to the aaa authentication command
D. dd the autocommand keyword to the username command
View answer
Correct Answer: D
Question #2
What does the LAP send when multiple WLCs respond to the CISCO-CAPWAP-CONTROLLER.localdomain hostname during the CAPWAP discovery and join process?
A. nicast discovery request to the first WLC that resolves the domain name
B. roadcast discovery request
C. oin request to all the WLCs
D. nicast discovery request to each WLC
View answer
Correct Answer: D
Question #3
Which feature of EIGRP is not supported in OSPF?
A. oad balancing of unequal-cost paths
B. oad balance over four equal-cost paths
C. ses interface bandwidth to determine best path
D. er-packet load balancing over multiple paths
View answer
Correct Answer: A
Question #4
Which Cisco FlexConnect state allows wireless users that are connected to the network to continue working after the connection to the WLC has been lost?
A. uthentication Down/Switching Down
B. uthentication-Central/Switch-Local
C. uthentication-Central/Switch-Central
D. uthentication-Down/Switch-Local
View answer
Correct Answer: D
Question #5
An engineer must configure a new loopback interface on a router and advertise the interface as a /24 in OSPF. Which command set accomplishes this task?
A. 2(config)#interface Loopback0 R2(config-if)#ip address 172
B. 2(config)#interface Loopback0 R2(config-if)#ip address 172
C. 2(config)#interface Loopback0 R2(config-if)#ip address 172
D. 2(config-router)#network 172
View answer
Correct Answer: B
Question #6
Refer to the exhibit. Which result does the Python code achieve?
A. he code encrypts a base64 decrypted password
B. he code converts time to the Epoch LINUX time format
C. he code converts time to the "year/month/day" time format
D. he code converts time to the yyyymmdd representation
View answer
Correct Answer: D
Question #7
What does the LAP send when multiple WLCs respond to the CISCO_CAPWAP-CONTROLLER.localdomain hostname during the CAPWAP discovery and join process?
A. broadcast discover request
B. join request to all the WLCs
C. unicast discovery request to each WLC
D. Unicast discovery request to the first WLC that resolves the domain name
View answer
Correct Answer: C
Question #8
Refer to the exhibit. A network engineer is enabling logging to a local buffer, to the terminal, and to a syslog server for all debugging level logs filtered by facility code 7. Which command is needed to complete this configuration snippet?
A. ogging buffered debugging
B. ogging discriminator Disc1 severity includes 7
C. ogging buffered discriminator Disc1 debugging
D. ogging discriminator Disc1 severity includes 7 facility includes fac7
View answer
Correct Answer: D
Question #9
Which two entities are Type 1 hypervisors? (Choose two)
A. Oracle VM Virtual Box
B. Microsoft Hyper-V
C. VMware server
D. VMware ESX
E. Microsoft Virtual PC
View answer
Correct Answer: BD
Question #10
Which QoS component alters a packet to change the way that traffic is treated in the network?
A. olicing
B. lassification
C. arking
D. haping
View answer
Correct Answer: C
Question #11
Refer to the exhibit. After implementing the configuration, 172.20.20.2 stops replying to ICMP echos, but the default route fails to be removed. What is the reason for this behaviour?
A. he threshold value is wrong
B. he source-interface is configured incorrectly
C. he destination must be 172
D. he default route is missing the track feature
View answer
Correct Answer: D
Question #12
Which feature must be configured to allow packet capture over Layer 3 infrastructure?
A. RSPAN
B. ERSPAN
C. VSPAN
D. IPSPAN
View answer
Correct Answer: B
Question #13
A network engineer is configuring OSPF on a router. The engineer wants to prevent having a route to 172.16.0.0/16 learned via OSPF in the routing table and configures a prefix list using the command ip prefix-list OFFICE seq 5 deny 172.16.0.0/16. Which two additional configuration commands must be applied to accomplish the goal? (Choose two.)
A. ee Explanation section for answer
View answer
Correct Answer: AB
Question #14
Which characteristic distinguishes Ansible from Chef?
A. nsible uses Ruby to manage configurations
B. he Ansible server can run on Linux, Unix or Windows
C. nsible pushes the configuration to the client
D. nsible lacks redundancy support for the primary server
View answer
Correct Answer: C
Question #15
DRAG DROP (Drag and Drop is not supported)Drag and drop the wireless elements on the left to their definitions on the right.Select and Place:
A. ee Explanation section for answer
View answer
Correct Answer: A
Question #16
Which statements are used for error handling in Python?
A. ry/catch
B. atch/release
C. lock/rescue
D. ry/except
View answer
Correct Answer: D
Question #17
What is the difference between CEF and process switching?
A. EF processes packets that are too complex for process switching to manage
B. rocess switching is faster than CEF
C. EF uses the FIB and the adjacency table to make forwarding decisions, whereas process switching punts each packet
D. EF is more CPU-intensive than process switching
View answer
Correct Answer: C
Question #18
Which technology provides a secure communication channel for all traffic at Layer 2 of the OSI model?
A. SL
B. isco TrustSec
C. ACsec
D. Psec
View answer
Correct Answer: C
Question #19
Which feature must be configured to allow packet capture over Layer 3 infrastructure?
A. SPAN
B. RSPAN
C. SPAN
D. PSPAN
View answer
Correct Answer: B
Question #20
Which access point mode allows a supported AP to function like a WLAN client would, associating and identifying client connectivity issues?
A. client mode
B. SE-connect mode
C. sensor mode
D. sniffer mode
View answer
Correct Answer: C
Question #21
Based on the router's API output in JSON format below, which Python code will display the value of the "role" key?
A. ption A
B. ption B
C. ption C
D. ption D
View answer
Correct Answer: B
Question #22
Refer to the exhibit. Which configuration allows Customer2 hosts to access the FTP server of Customer1 that has the IP address of 192.168.1.200?
A. p route vrf Customer1 172
B. p route vrf Customer1 172
C. p route vrf Customer1 172
D. p route vrf Customer1 172
View answer
Correct Answer: A
Question #23
How does Cisco TrustSec enable more flexible access controls for dynamic networking environments and data centers?
A. uses flexible NetFlow
B. assigns a VLAN to the endpoint
C. classifies traffic based on advanced application recognition
D. classifies traffic based on the contextual identity of the endpoint rather than its IP address
View answer
Correct Answer: D
Question #24
What are two benefits of YANG? (Choose two.)
A. ee Explanation section for answer
View answer
Correct Answer: AE
Question #25
DRAG DROP (Drag and Drop is not supported)Drag and drop the snippets onto the blanks within the code to construct a script that adds a prefix list to a route map and sets the local preference. Not all options are used.Select and Place:
A. ee Explanation section for answer
View answer
Correct Answer: A
Question #26
How are the different versions of IGMP compatible?
A. GMPv2 is compatible only with IGMPv2
B. GMPv3 is compatible only with IGMPv3
C. GMPv2 is compatible only with IGMPv1
D. GMPv3 is compatible only with IGMPv1
View answer
Correct Answer: C
Question #27
Which devices does Cisco Center configure when deploying an IP-based access control policy?
A. All devices integrating with ISE
B. selected individual devices
C. all devices in selected sites
D. all wired devices
View answer
Correct Answer: C
Question #28
Which outbound access list, applied to the WAN interface of a router, permits all traffic except for http traffic sourced from the workstation with IP address 10.10.10.1?
A. p access-list extended 200 deny tcp host 10
B. p access-list extended 10 deny tcp host 10
C. p access-list extended NO_HTTP deny tcp host 10
D. p access-list extended 100 deny tcp host 10
View answer
Correct Answer: D
Question #29
Which LISP component decapsulates messages and forwards them to the map server responsible for the egress tunnel routers?
A. outer Locator
B. ap Resolver
C. roxy ETR
D. ngress Tunnel Router
View answer
Correct Answer: B
Question #30
When firewall capabilities are considered, which feature is found only in Cisco next-generation firewalls?
A. alware protection
B. tateful inspection
C. raffic filtering
D. ctive/standby high availability
View answer
Correct Answer: A
Question #31
Refer to the exhibit. Which command must be configured for RESTCONF to operate on port 8888?
A. estconf port 8888
B. p http restconf port 8888
C. p http port 8888
D. estconf http port 8888
View answer
Correct Answer: C
Question #32
Which component handles the orchestration plane of the Cisco SD-WAN?
A. vBond
B. vSmart
C. vManage
D. vEdge
View answer
Correct Answer: A
Question #33
Refer to the exhibit. Which HTTP JSON response does the Python code output give?
A.
B.
C. ameError: name 'json' is not defined
D. eyError: 'kickstart_ver_str'
View answer
Correct Answer: A
Question #34
Which configuration allows administrators to configure the device through the console port and use a network authentication server?
A. aa new-model aaa authentication login default local aaa authorization console aaa authorization config-commands username netadmin secret 9 $9$vFpMf8elb4RVV8$seZ/bDAx1uV
B. aa new-model aaa authentication login default local aaa authorization console aaa authorization config-commands
C. aa new-model aaa authentication login default line
D. aa new-model aaa authentication login default group radius aaa authorization console aaa authorization config-commands
View answer
Correct Answer: D
Question #35
Which two pieces of information are necessary to compute SNR? (Choose two.)
A. transmit power
B. noise floor
C. EIRP
D. antenna gain
E. RSSI
View answer
Correct Answer: BE
Question #36
What is the role of vSmart in a Cisco SD-WAN environment?
A. o establish secure control plane connections
B. o monitor, configure, and maintain SD-WAN devices
C. o provide secure data plane connectivity over WAN links
D. o perform initial authentication of devices
View answer
Correct Answer: A
Question #37
Which statement describes the IP and MAC allocation requirements for virtual machines on Type 1 hypervisors?
A. irtual machines do not require a unique IP or unique MAC
B. ach virtual machine requires a unique IP address but shares the MAC address with the physical server
C. ach virtual machine requires a unique IP and MAC addresses to be able to reach to other nodes
D. ach virtual machine requires a unique MAC address but shares the IP address with the physical server
View answer
Correct Answer: C
Question #38
DRAG DROP (Drag and Drop is not supported)Drag and drop the descriptions from the left onto the correct QoS components on the right.Select and Place:
A. ee Explanation section for answer
View answer
Correct Answer: A
Question #39
Which access control list allows only TCP traffic with a destination port range of 22-443, excluding port 80?
A. eny tcp any any eq 80 permit tcp any any gt 21 lt 444
B. ermit tcp any any range 22 443 deny tcp any any eq 80
C. ermit tcp any any eq 80
D. eny tcp any any eq 80 permit tcp any any range 22 443
View answer
Correct Answer: D
Question #40
What are two benefits of virtualizing the server with the use of VMs in a data center environment? (Choose two.)
A. reduced rack space, power, and cooling requirements
B. smaller Layer 2 domain
C. increased security
D. speedy deployment
E. reduced IP and MAC address requirements
View answer
Correct Answer: AD
Question #41
A network administrator applies the following configuration to an IOS device: aaa new-model aaa authentication login default local group tacacs+What is the process of password checks when a login attempt is made to the device?
A. TACACS+ server is checked first
B. TACACS+ server is checked first
C. local database is checked first
D. local database is checked first
View answer
Correct Answer: D
Question #42
Which two pieces of information are necessary to compute SNR? (Choose two.)
A. transmit power
B. noise floor
C. EIRP
D. antenna gain
E. RSSI
View answer
Correct Answer: BE
Question #43
How is 802.11 traffic handled in a fabric-enabled SSID?
A. entrally switched back to WLC where the user traffic is mapped to a VXLAN on the WLC
B. onverted by the AP into 802
C. entrally switched back to WLC where the user traffic is mapped to a VLAN on the WLC
D. onverted by the AP into 802
View answer
Correct Answer: B
Question #44
A client device roams between access points located on different floors in an atrium. The access points are joined to the same controller and configured in local mode. The access points are in different AP groups and have different IP addresses, but the client VLAN in the groups is the same.Which type of roam occurs?
A. nter-controller
B. nter-subnet
C. ntra-VLAN
D. ntra-controller
View answer
Correct Answer: D
Question #45
Refer to the exhibit. A network engineer troubleshoots an issue with the port channel between SW1 and SW2. Which command resolves the issue?
A. W2(config-if)#switchport mode trunk
B. W1(config-if)#channel-group 10 mode active
C. W1(config-if)#channel-group 10 mode desirable
D. W2(config-if)#channel-group 10 mode on
View answer
Correct Answer: B
Question #46
Which two operations are valid for RESTCONF? (Choose two.)
A. PULL
B. PUSH
C. PATCH
D. REMOVE
E. ADD
F. HEAD
View answer
Correct Answer: CF
Question #47
Refer to the exhibit.An engineer configures monitoring on SW1 and enters the show command to verify operation. What does the output confirm?
A. SPAN session 1 is incompletely configured for monitoring
B. SPAN session 1 monitors activity on VLAN 50 of a remote switch
C. PAN session 2 monitors all traffic entering and exiting port FastEthernet 0/15
D. PAN session 2 only monitors egress traffic exiting port FastEthernet 0/14
View answer
Correct Answer: A
Question #48
Which TCP setting is tuned to minimize the risk of fragmentation on a GRE/IP tunnel?
A. MSS
B. MTU
C. MRU
D. window size
View answer
Correct Answer: A
Question #49
A network engineer configures a WLAN controller with increased security for web access. There is IP connectivity with the WLAN controller, but the engineer cannot start a management session from a web browser. Which action resolves the issue?
A. isable Adobe Flash Player
B. se a private or incognito session
C. se a browser that supports 128-bit or larger ciphers
D. isable JavaScript on the web browser
View answer
Correct Answer: C
Question #50
Which protocol does REST API rely on to secure the communication channel?
A. HTTP
B. SSH
C. HTTPS
D. TCP
View answer
Correct Answer: C
Question #51
An engineer must configure a new WLAN that allows a user to enter a passphrase and provides forward secrecy as a security measure. Which Layer 2 WLAN configuration is required on the Cisco WLC?
A. PA3 Enterprise
B. PA2 Personal
C. PA2 Enterprise
D. PA3 Personal
View answer
Correct Answer: D
Question #52
Which two operations are valid for RESTCONF? (Choose two.)
A. PULL
B. PUSH
C. PATCH
D. REMOVE
E. ADD
F. HEAD
View answer
Correct Answer: CF
Question #53
In an SD-Access solution what is the role of a fabric edge node?
A. to connect external Layer 3- network to the SD-Access fabric
B. to connect wired endpoint to the SD-Access fabric
C. to advertise fabric IP address space to external network
D. to connect the fusion router to the SD-Access fabric
View answer
Correct Answer: B
Question #54
When configuring WPA2 Enterprise on a WLAN, which additional security component configuration is required?
A. PKI server
B. NTP server
C. RADIUS server
D. TACACS server
View answer
Correct Answer: C
Question #55
Which two protocols are used with YANG data models? (Choose two.)
A. hey create more secure and efficient SNMP OIDs
B. hey provide a standardized data structure, which results in configuration scalability and consistency
C. hey enable programmers to change or write their own applications within the device operating system
D. hey make the CLI simpler and more efficient
View answer
Correct Answer: BD
Question #56
What is the role of the RP in PIM sparse mode?
A. The RP responds to the PIM join messages with the source of requested multicast group
B. The RP maintains default aging timeouts for all multicast streams requested by the receivers
C. The RP acts as a control-plane node and does not receive or forward multicast packets
D. The RP is the multicast that is the root of the PIM-SM shared multicast distribution tree
View answer
Correct Answer: D
Question #57
What is a characteristic of a virtual machine?
A. roxy ITR
B. TR
C. TR
D. roxy ETR
View answer
Correct Answer: D
Question #58
What is the role of a fusion router in an SD-Access solution?
A. acts as a DNS server
B. provides additional forwarding capacity to the fabric
C. performs route leaking between user-defined virtual networks and shared services
D. provides connectivity to external networks
View answer
Correct Answer: C
Question #59
The following system log message is presented after a network administrator configures a GRE tunnel:%TUN-RECURDOWN Interface Tunnel 0 temporarily disabled due to recursive routingWhy is Tunnel 0 disabled?
A. etter application performance
B. mproved security because the underlying OS is eliminated
C. mproved density and scalability
D. bility to operate on hardware that is running other OSs
View answer
Correct Answer: C
Question #60
What is the role of a fusion router in an SD-Access solution?
A. cts as a DNS server
B. rovides additional forwarding capacity to the fabric
C. erforms route leaking between user-defined virtual networks and shared services
D. rovides connectivity to external networks
View answer
Correct Answer: C
Question #61
Based on the router's API output in JSON format below, which Python code will display the value of the `hostname` key?
A. son_data = response,json() print(json_dataresponse[0]hostname)
B. son_data = json
C. son_data = json
D. son_data = response
View answer
Correct Answer: A
Question #62
Refer to the exhibit. The EtherChannel between SW2 and SW3 is not operational. Which action resolves this issue?
A. onfigure the channel-group mode on SW3 Gi0/0 and Gi0/1 to active
B. onfigure the mode on SW2 Gi0/0 to trunk
C. onfigure the channel-group mode on SW2 Gi0/0 and Gi0/1 to on
D. onfigure the mode on SW2 Gi0/1 to access
View answer
Correct Answer: B
Question #63
Which First Hop Redundancy Protocol should be used to meet a design requirement for more efficient default gateway bandwidth usage across multiple devices?
A. LBP
B. ACP
C. SRP
D. RRP
View answer
Correct Answer: A
Question #64
DRAG DROP (Drag and Drop is not supported)Drag and drop the characteristics from the left onto the appropriate infrastructure deployment types on the right.Select and Place:
A. ee Explanation section for answer
View answer
Correct Answer: A
Question #65
A customer has several small branches and wants to deploy a Wi-Fi solution with local management using CAPWAP. Which deployment model meets this requirement?
A. local mode
B. autonomous
C. SD-Access wireless
D. Mobility Express
View answer
Correct Answer: A
Question #66
How does QoS traffic shaping alleviate network congestion?
A. t drops packets when traffic exceeds a certain bitrate
B. t buffers and queues packets above the committed rate
C. t fragments large packets and queues them for delivery
D. t drops packets randomly from lower priority queues
View answer
Correct Answer: B
Question #67
What is the correct EBGP path attribute list, ordered from most preferred to least preferred, that the BGP best-path algorithm uses?
A. ocal preference, weight, AS path, MED
B. eight, local preference, AS path, MED
C. eight, AS path, local preference, MED
D. ocal preference, weight, MED, AS path
View answer
Correct Answer: B
Question #68
What is a characteristic of a type 2 hypervisor?
A. omplicated deployment
B. deal for data center
C. eferred to as bare-metal
D. deal for client/end-user system
View answer
Correct Answer: D
Question #69
What is one benefit of adopting a data modelling language?
A. ugmenting the use of management protocols like SNMP for status subscriptions
B. efactoring vendor and platform specific configurations with widely compatible configurations
C. ugmenting management process using vendor centric actions around models
D. eploying machine-friendly codes to manage a high number of devices
View answer
Correct Answer: B
Question #70
Refer to the exhibit. A network engineer configures a new GRE tunnel and enters the show run command. What does the output verify?
A. he tunnel keepalive is configured incorrectly because they must match on both sites
B. he tunnel destination will be known via the tunnel interface
C. he tunnel will be established and work as expected
D. he default MTU of the tunnel interface is 1500 bytes
View answer
Correct Answer: B
Question #71
Which NGFW mode blocks flows crossing the firewall?
A. tap
B. inline
C. passive
D. inline tap
View answer
Correct Answer: B
Question #72
Which DHCP option helps lightweight APs find the IP address of a wireless LAN controller?
A. Option 43
B. Option 60
C. Option 67
D. Option 150
View answer
Correct Answer: A
Question #73
In an SD-Access solution what is the role of a fabric edge node?
A. to connect external Layer 3- network to the SD-Access fabric
B. to connect wired endpoint to the SD-Access fabric
C. to advertise fabric IP address space to external network
D. to connect the fusion router to the SD-Access fabric
View answer
Correct Answer: B
Question #74
What is a benefit of deploying an on-premises infrastructure versus a cloud infrastructure deployment?
A. bility to quickly increase compute power without the need to install additional hardware
B. ess power and cooling resources needed to run infrastructure on-premises
C. aster deployment times because additional infrastructure does not need to be purchased
D. ower latency between systems that are physically located near each other
View answer
Correct Answer: D
Question #75
Which two pieces of information are necessary to compute SNR? (Choose two.)
A. oint-to-multipoint to nonbroadcast
B. roadcast to nonbroadcast
C. oint-to-multipoint to broadcast
D. roadcast to point-to-point
View answer
Correct Answer: BD
Question #76
Which two mechanisms are available to secure NTP? (Choose two.)
A. IPsec
B. IP prefix list-based
C. encrypted authentication
D. TACACS-based authentication
E. IP access list-based
View answer
Correct Answer: CE
Question #77
Which statements are used for error handling in Python?
A. try/catch
B. catch/release
C. block/rescue
D. try/except
View answer
Correct Answer: D
Question #78
DRAG DROP (Drag and Drop is not supported)Drag and drop the characteristics from the left onto the infrastructure deployment models on the right.Select and Place:
A. ee Explanation section for answer
View answer
Correct Answer: A
Question #79
Refer to the exhibit. An engineer must deny Telnet traffic from the loopback interface of router R3 to the loopback interface of router R2 during the weekend hours. All other traffic between the loopback interfaces of routers R3 and R2 must be allowed at all times.Which command set accomplishes this task?
A. 3(config)#time-range WEEKEND R3(config-time-range)#periodic Saturday Sunday 00:00 to 23:59 R3(config)#access-list 150 deny tcp host 10
B. 1(config)#time-range WEEKEND R1(config-time-range)#periodic weekend 00:00 to 23:59 R1(config)#access-list 150 deny tcp host 10
C. 3(config)#time-range WEEKEND R3(config-time-range)#periodic weekend 00:00 to 23:59 R3(config)#access-list 150 permit tcp host 10
D. 1(config)#time-range WEEKEND R1(config-time-range)#periodic Friday Sunday 00:00 to 00:00 R1(config)#access-list 150 deny tcp host 10
View answer
Correct Answer: B
Question #80
Which statement about route targets is true when using VRF-Lite?
A. Route targets control the import and export of routes into a customer routing table
B. When BGP is configured, route targets are transmitted as BGP standard communities
C. Route targets allow customers to be assigned overlapping addresses
D. Route targets uniquely identify the customer routing table
View answer
Correct Answer: A
Question #81
In OSPF, which LSA type is responsible for pointing to the ASBR router?
A. type 1
B. type 2
C. type 3
D. type 4
View answer
Correct Answer: D
Question #82
DRAG DROP (Drag and Drop is not supported)Drag and drop the characteristics from the left onto the orchestration tools that they describe on the right.Select and Place:
A. ee Explanation section for answer
View answer
Correct Answer: A
Question #83
Which controller is capable of acting as a STUN server during the onboarding process of Edge devices?
A. Bond
B. Smart
C. Manage
D. NP Server
View answer
Correct Answer: A
Question #84
A company has an existing Cisco 5520 HA cluster using SSO. An engineer deploys a new single Cisco Catalyst 9800 WLC to test new features. The engineer successfully configures a mobility tunnel between the 5520 cluster and 9800 WLC. Clients connected to the corporate WLAN roam seamlessly between access points on the 5520 and 9800 WLC. After a failure on the primary 5520 WLC, all WLAN services remain functional; however, clients cannot roam between the 5520 and 9800 controllers without dropping their connecti
A. 2 standby 1 priority 90 standby 1 preempt
B. 2 standby 1 priority 100 standby 1 preempt
C. 1 standby 1 preempt R2 standby 1 priority 90
D. 1 standby 1 preempt R2 standby 1 priority 100
View answer
Correct Answer: B
Question #85
Refer to the exhibit. A network engineer is configuring OSPF between router R1 and router R2. The engineer must ensure that a DR/BDR election does not occur on the Gigabit Ethernet interfaces in area 0.Which configuration set accomplishes this goal?
A. 1(config-if)interface Gi0/0 R1(config-if)ip ospf network point-to-point R2(config-if)interface Gi0/0 R2(config-if)ip ospf network point-to-point
B. 1(config-if)interface Gi0/0 R1(config-if)ip ospf network broadcast R2(config-if)interface Gi0/0 R2(config-if)ip ospf network broadcast
C. 1(config-if)interface Gi0/0 R1(config-if)ip ospf database-filter all out R2(config-if)interface Gi0/0 R2(config-if)ip ospf database-filter all out
D. 1(config-if)interface Gi0/0 R1(config-if)ip ospf priority 1 R2(config-if)interface Gi0/0 R2(config-if)ip ospf priority 1
View answer
Correct Answer: A
Question #86
Refer to the exhibit. Assuming all links are functional, which path does PC1 take to reach DSW1?
A. C1 goes from ALSW1 to DSW2 to CORE to DSW1
B. C1 goes from ALSW1 to DSW2 to ALSW2 to DSW1
C. C1 goes from ALSW1 to DSW2 to DSW1
D. C1 goes from ALSW1 to DSW1
View answer
Correct Answer: D
Question #87
Refer to the exhibit. Cisco DNA Center has obtained the username of the client and the multiple devices that the client is using on the network. How is Cisco DNACenter getting these context details?
A. hose details are provided to Cisco DNA Center by the Identity Services Engine
B. he administrator had to assign the username to the IP address manually in the user database tool on Cisco DNA Center
C. isco DNA Center pulled those details directly from the edge node where the user connected
D. ser entered those details in the Assurance app available on iOS and Android devices
View answer
Correct Answer: A
Question #88
DRAG DROP (Drag and Drop is not supported)Drag and drop the characteristics from the left onto the routing protocols they describe on the right.Select and Place:
A. ee Explanation section for answer
View answer
Correct Answer: A
Question #89
Refer to the exhibit. A network engineer must log in to the router via the console, but the RADIUS servers are not reachable. Which credentials allow console access?
A. o username and only the password “test123”
B. o username and only the password “cisco123”
C. he username “cisco” and the password “cisco”
D. he username “cisco” and the password “cisco123”
View answer
Correct Answer: B
Question #90
Refer to the exhibit. How was spanning-tree configured on this interface?
A. witch1(config)# spanning-tree portfast bpdufilter default Switch1(config)# interface f0/1 Switch1(config-if)# spanning-tree portfast
B. witch1(config)# spanning-tree portfast bpduguard default Switch 1 (config)# interface f0/1 Switch1 (config-if)# spanning-tree portfast
C. witch1(config)# interface f0/1 Switch1(config-if)# spanning-tree portfast
D. witch1(config)# interface f0/1 Switch1(config-if)# spanning-tree portfast Switch1 (config-if)# spanning-tree bpduguard enable
View answer
Correct Answer: A
Question #91
Which two steps are required for a complete Cisco DNA Center upgrade? (Choose two.)
A. automation backup
B. system update
C. golden image selection
D. proxy configuration
E. application updates?
View answer
Correct Answer: BE
Question #92
What is required for a virtual machine to run?
A. racle VM VirtualBox
B. itrix XenServer
C. Mware server
D. icrosoft Virtual PC
View answer
Correct Answer: B
Question #93
What are two benefits of virtualizing the server with the use of VMs in a data center environment? (Choose two.)
A. reduced rack space, power, and cooling requirements
B. smaller Layer 2 domain
C. increased security
D. speedy deployment
E. reduced IP and MAC address requirements
View answer
Correct Answer: AD
Question #94
What is YANG used for?
A. craping data via CLI
B. rocessing SNMP read-only polls
C. escribing data models
D. roviding a transport for network configuration data between client and server
View answer
Correct Answer: C
Question #95
Refer to the exhibit. How does the router handle traffic after the CoPP policy is configured on the router?
A. raffic generated by R1 that matches access list SNMP is policed
B. raffic coming to R1 that matches access list SNMP is policed
C. raffic passing through R1 that matches access list SNMP is policed
D. raffic coming to R1 that does not match access list SNMP is dropped
View answer
Correct Answer: A
Question #96
What is the correct EBGP path attribute list, ordered from most preferred to least preferred, that the BGP best-path algorithm uses?
A. local preference, weight, AS path, MED
B. weight, local preference, AS path, MED
C. weight, AS path, local preference, MED
D. local preference, weight, MED, AS path
View answer
Correct Answer: B
Question #97
Which DHCP option provides the CAPWAP APs with the address of the wireless controller(s)?
A. 3
B. 6
C. 9
D. 50
View answer
Correct Answer: A
Question #98
Which JSON syntax is valid?
A. “switch”:”name”:”dist1′′,”interfaces”:[“gig1′′,”gig2′′,”gig3”]}
B. /”switch/”:{/”name/”:”dist1′′,/”interfaces/”:[“gig1′′,”gig2′′,”gig3”]}}
C. “switch”:{“name”:”dist1′′,”interfaces”:[“gig1′′,”gig2′′,”gig3”]}}
D. ‘switch’:(‘name’:’dist1′,’interfaces’:[‘gig1′,’gig2′,’gig3’])}
View answer
Correct Answer: C
Question #99
Refer to the exhibit. An engineer is installing a new pair of routers in a redundant configuration.Which protocol ensures that traffic is not disrupted in the event of a hardware failure?
A. SRPv1
B. LBP
C. RRP
D. SRPv2
View answer
Correct Answer: A
Question #100
Which LISP infrastructure device provides connectivity between non-LISP sites and LISP sites by receiving non-LISP traffic with a LISP site destination?
A. PITR
B. map resolver
C. map server
D. PETR
View answer
Correct Answer: A
Question #101
DRAG DROP (Drag and Drop is not supported)Drag and drop the characteristics from the left onto the infrastructure deployment models they describe on the right.Select and Place:
A. ee Explanation section for answer
View answer
Correct Answer: A
Question #102
Which two protocols are used with YANG data models? (Choose two.)
A. TLS
B. RESTCONF
C. SSH
D. NETCONF
E. HTTPS
View answer
Correct Answer: BD
Question #103
Which method does the enable secret password option use to encrypt device passwords?
A. MD5
B. PAP
C. CHAP
D. AES
View answer
Correct Answer: A
Question #104
Refer to the exhibit. An engineer must set up connectivity between a campus aggregation layer and a branch office access layer. The engineer uses dynamic trunking protocol to establish this connection; however, management traffic on VLAN1 is not passing. Which action resolves the issue and allow communication for all configured VLANs?
A. isable Spanning Tree for the native VLAN
B. llow all VLANs on the trunk links
C. hange both interfaces to access ports
D. onfigure the correct native VLAN on the remote interface
View answer
Correct Answer: D
Question #105
When configuring WPA2 Enterprise on a WLAN, which additional security component configuration is required?
A. PKI server
B. NTP server
C. RADIUS server
D. TACACS server
View answer
Correct Answer: C
Question #106
Refer to the exhibit. What is the result when a technician adds the monitor session 1 destination remote vlan 223 commands?
A. he RSPAN VLAN is replaced by VLAN 223
B. SPAN traffic is sent to VLANs 222 and 223
C. n error is flagged for configuring two destinations
D. SPAN traffic is split between VLANs 222 and 223
View answer
Correct Answer: A
Question #107
Which action is the vSmart controller responsible for in a Cisco SD-WAN deployment?
A. nboard WAN Edge nodes into the Cisco SD-WAN fabric
B. ather telemetry data from WAN Edge routers
C. istribute policies that govern data forwarding performed within the Cisco SD-WAN fabric
D. andle, maintain, and gather configuration and status for nodes within the Cisco SD-WAN fabric
View answer
Correct Answer: C
Question #108
Where in Cisco DNA Center is documentation of each API call organized by its functional area?
A. eveloper Toolkit
B. latform management
C. latform bundles
D. untime Dashboard
View answer
Correct Answer: A
Question #109
What is one primary REST security design principle?
A. ail-safe defaults
B. assword hash
C. dding a timestamp in requests
D. Auth
View answer
Correct Answer: A
Question #110
DRAG DROP (Drag and Drop is not supported)Drag and drop the snippets onto the blanks within the code to construct a script that advertises the network prefix 192.168.5.0/24 into a BGP session. Not all options are used.Select and Place:
A. ee Explanation section for answer
View answer
Correct Answer: A
Question #111
Refer to the exhibit.?What are two effects of this configuration? (Choose two.)
A. It establishes a one-to-one NAT translation
B. The 209
C. The 10
D. Inside source addresses are translated to the 209
E. The 10
View answer
Correct Answer: CD
Question #112
Refer to the exhibit. What is required to configure a second export destination for IP address 192.168.10.1?
A. pecify a different UDP port
B. pecify a different TCP port
C. onfigure a version 5 flow-export to the same destination
D. pecify a different flow I
E. pecify a VRF
View answer
Correct Answer: A
Question #113
Which benefit is offered by a cloud infrastructure deployment but is lacking in an on-premises deployment?
A. efficient scalability
B. virtualization
C. storage capacity
D. supported systems
View answer
Correct Answer: A
Question #114
Refer to the exhibit. After configuring an IPsec VPN, an engineer enters the show command to verify the ISAKMP SA status. What does the status show?
A. PN peers agreed on parameters for the ISAKMP S
B. eers have exchanged keys, but ISAKMP SA remains unauthenticated
C. SAKMP SA is authenticated and can be used for Quick Mode
D. SAKMP SA has been created, but it has not continued to form
View answer
Correct Answer: C
Question #115
In which part of the HTTP message is the content type specified?
A. TTP method
B. ody
C. eader
D. RI
View answer
Correct Answer: C
Question #116
DRAG DROP (Drag and Drop is not supported)Drag and drop the characteristics from the left onto the switching architectures on the right.Select and Place:
A. ee Explanation section for answer
View answer
Correct Answer: A
Question #117
If a VRRP master router fails, which router is selected as the new master router?
A. router with the lowest priority
B. router with the highest priority
C. router with the highest loopback address
D. router with the lowest loopback address
View answer
Correct Answer: B
Question #118
Refer to the exhibit. What step resolves the authentication issue?
A. se basic authentication
B. hange the port to 12446
C. arget 192
D. estart the vsmart host
View answer
Correct Answer: C
Question #119
Which two methods are used by an AP that is trying to discover a wireless LAN controller? (Choose two.)
A. Cisco Discovery Protocol neighbor
B. querying other APs
C. DHCP Option 43
D. broadcasting on the local subnet
E. DNS lookup CISCO-DNA-PRIMARY
View answer
Correct Answer: CD
Question #120
What is fact about Cisco SD-access wireless network infrastructure deployments?
A. The access point is part of the fabric overlay
B. The wireless client is part of the fabric overlay
C. The access point is part of the fabric underlay
D. The WLC is part of the fabric underlay
View answer
Correct Answer: A
Question #121
DRAG DROP (Drag and Drop is not supported)Drag and drop the tools from the left onto the agent types on the right.Select and Place:
A. ee Explanation section for answer
View answer
Correct Answer: A
Question #122
What are two characteristics of VXLAN? (Choose two)
A. 1(config)#interface Gi0/1 R1(config-if)#ip ospf enable R1(contig-if)#ip ospf network broadcast R1(config-if)#no shutdown
B. 1(config)#router ospf 1 R1(config-router)#network 0
C. 1(config)#interface Gi0/1 R1(config-if)#ip ospf 1 area 0 R1(config-if)#no shutdown
D. 1(config)#router ospf 1 R1(config-router)#network 192
View answer
Correct Answer: BC
Question #123
An engineer must protect their company against ransomware attacks.Which solution allows the engineer to block the execution stage and prevent file encryption?
A. se Cisco Firepower and block traffic to TOR networks
B. se Cisco AMP deployment with the Malicious Activity Protection engine enabled
C. se Cisco Firepower with Intrusion Policy and snort rules blocking SMB exploitation
D. se Cisco AMP deployment with the Exploit Prevention engine enabled
View answer
Correct Answer: B
Question #124
Which algorithms are used to secure REST API from brute attacks and minimize the impact?
A. HA-512 and SHA-384
B. D5 algorithm-128 and SHA-384
C. HA-1, SHA-256, and SHA-512
D. BKDF2, BCrypt, and SCrypt
View answer
Correct Answer: D
Question #125
Which method of account authentication does OAuth 2.0 within REST APIs?
A. username/role combination
B. access tokens
C. cookie authentication
D. basic signature workflow
View answer
Correct Answer: B
Question #126
Refer to the exhibit. Which two commands ensure that DSW1 becomes root bridge for VLAN 10? (Choose two.)
A. IM sparse mode uses a pull model to deliver multicast traffic
B. IM dense mode uses a pull model to deliver multicast traffic
C. IM sparse mode uses receivers to register with the RP
D. IM sparse mode uses a flood and prune model to deliver multicast traffic
View answer
Correct Answer: AC
Question #127
Which IP SLA operation requires the IP SLA responder to be configured on the remote end?
A. UDP jitter
B. ICMP jitter
C. TCP connect
D. ICMP echo
View answer
Correct Answer: A
Question #128
What is the role of the vSmart controller in a Cisco SD-WAN environment?
A. IT performs authentication and authorization
B. It manages the control plane
C. It is the centralized network management system
D. It manages the data plane
View answer
Correct Answer: B
Question #129
What is the fact about Cisco EAP-FAST?
A. It requires a client certificate
B. It is an IETF standard
C. It does not require a RADIUS server certificate
D. It operates in transparent mode
View answer
Correct Answer: C
Question #130
Refer to the exhibit. What does the snippet of code achieve?
A. t creates an SSH connection using the SSH key that is stored, and the password is ignored
B. t creates a temporary connection to a Cisco Nexus device and retrieves a token to be used for API calls
C. t opens an ncclient connection to a Cisco Nexus device and maintains it for the duration of the context
D. t opens a tunnel and encapsulates the login information, if the host key is correct
View answer
Correct Answer: C
Question #131
Refer to the exhibit. After the code is run on a Cisco IOS-XE router, the response code is 204. What is the result of the script?
A. he configuration fails because interface GigabitEthernet2 is missing on the target device
B. nterface GigabitEthemet2 is configured with IP address 10
C. he configuration fails because another interface is already configured with IP address 10
D. he configuration is successfully sent to the device in cleartext
View answer
Correct Answer: B
Question #132
Which solution do IaaS service providers use to extend a Layer 2 segment across a Layer 3 network?
A. XLAN
B. TEP
C. RF
D. LAN
View answer
Correct Answer: A
Question #133
Which OSPF network types are compatible and allow communication through the two peering devices?
A. point-to-multipoint to nonbroadcast
B. broadcast to nonbroadcast
C. point-to-multipoint to broadcast
D. broadcast to point-to-point
View answer
Correct Answer: B
Question #134
A response code of 404 is received while using the REST API on Cisco DNA Center to POST to this URI: /dna/intent/api/v1/template-programmer/project What does the code mean?
A. The POST/PUT request was fulfilled and a new resource was created
B. The request was accepted for processing, but the processing was not completed
C. The client made a request for a resource that does not exist
D. The server has not implemented the functionality that is needed to fulfill the request
View answer
Correct Answer: C
Question #135
What is the recommended MTU size for a Cisco SD-Access Fabric?
A. 464
B. 7914
C. 100
D. 500
View answer
Correct Answer: C
Question #136
At which layer does Cisco DNA Center support REST controls?
A. ession layer
B. orthbound APIs
C. EM applets or scripts
D. AML output from responses to API calls
View answer
Correct Answer: B
Question #137
When using BFD in a network design, which consideration must be made?
A. FD is used with dynamic routing protocols to provide subsecond convergence
B. FD is used with first hop routing protocols to provide subsecond convergence
C. FD is used with NSF and graceful to provide subsecond convergence
D. FD is more CPU-intensive than using reduced hold timers with routing protocols
View answer
Correct Answer: A
Question #138
What does the Cisco DNA REST response indicate?
A. isco DNA Center has the incorrect credentials for cat3850-1
B. isco DNA Center is unable to communicate with cat9000-1
C. isco DNA Center has the incorrect credentials for cat9000-1
D. isco DNA Center has the incorrect credentials for RouterASR-1
View answer
Correct Answer: C
Question #139
DRAG DROP (Drag and Drop is not supported)Drag and drop the characteristics from the left onto the configuration models on the right.Select and Place:
A. ee Explanation section for answer
View answer
Correct Answer: A
Question #140
Refer to the exhibit. The trunk does not work over the back-to-back link between Switch1 interface Gig1/0/20 and Switch2 interface Gig1/0/20. Which configuration fixes the problem?
A. witch 1(config)#interface gig1/0/20Switch1(config-if)#switchport mode dynamic auto
B. witch2(config)#interface gig1/0/20Switch2(config-if)#switchport mode dynamic desirable
C. witch2(config)#interface gig1/0/20Switch2(config-if)#switchport mode dynamic auto
D. witch1(config)#interface gig1/0/20Switch1(config-if)#switchport trunk native vlan 1Switch2(config)#interface gig1/0/20Switch2(config-if)#switchport trunk native vlan 1
View answer
Correct Answer: B
Question #141
To increase total throughput and redundancy on the links between the wireless controller and switch, the customer enabled LAG on the wireless controller. Which EtherChannel mode must be configured on the switch to allow the WLC to connect?
A. Active
B. Passive
C. On
D. Auto
View answer
Correct Answer: C
Question #142
A customer requests a network design that supports these requirements:-FHRP redundancy-multivendor router environment-IPv4 and IPv6 hostsWhich protocol does the design include?
A. RRP version 2
B. RRP version 3
C. LBP
D. SRP version 2
View answer
Correct Answer: B
Question #143
Which statement explains why Type 1 hypervisor is considered more efficient than Type2 hypervisor?
A. Type 1 hypervisor is the only type of hypervisor that supports hardware acceleration techniques
B. Type 1 hypervisor relies on the existing OS of the host machine to access CPU, memory, storage, and network resources
C. Type 1 hypervisor runs directly on the physical hardware of the host machine without relying on the underlying OS
D. Type 1 hypervisor enables other operating systems to run on it
View answer
Correct Answer: C
Question #144
A network engineer is enabling HTTPS access to the core switch, which requires a certificate to be installed on the switch signed by the corporate certificate authority. Which configuration commands are required to issue a certificate signing request from the core switch?
A. ore-Switch(config)#crypto pki enroll Core-Switch Core-Switch(config)#ip http secure-trustpoint Core-Switch
B. ore-Switch(config)#ip http secure-trustpoint Core-Switch Core-Switch(config)#crypto pki enroll Core-Switch
C. ore-Switch(config)#crypto pki trustpoint Core-Switch Core-Switch(ca-trustpoint)#enrollment terminal Core-Switch(config)#crypto pki enroll Core-Switch
D. ore-Switch(config)#crypto pki trustpoint Core-Switch Core-Switch(ca-trustpoint)#enrollment terminal Core-Switch(config)#ip http secure-trustpoint Core-Switch
View answer
Correct Answer: C
Question #145
What is the result of applying this access control list?ip access-list extended STATEFUL10 permit tcp any any established20 deny ip any any
A. CP traffic with the URG bit set is allowed
B. CP traffic with the SYN bit set is allowed
C. CP traffic with the ACK bit set is allowed
D. CP traffic with the DF bit set is allowed
View answer
Correct Answer: C
Question #146
A network administrator is implementing a routing configuration change and enables routing debugs to track routing behavior during the change. The logging output on the terminal is interrupting the command typing process. Which two actions can the network administrator take to minimize the possibility of typing commands incorrectly? (Choose two.)
A. Configure the logging synchronous global configuration command
B. Configure the logging synchronous command under the vty
C. Increase the number of lines on the screen using the terminal length command
D. Configure the logging delimiter feature
E. Press the TAB key to reprint the command in a new line
View answer
Correct Answer: BE
Question #147
Refer to the exhibit. What are two effects of this configuration? (Choose two.)
A. ver the DS
B. 02
C. daptive R
D. 02
View answer
Correct Answer: CD
Question #148
On which protocol or technology is the fabric data plane based in Cisco SD-Access fabric?
A. VXLAN
B. LISP
C. Cisco TrustSec
D. IS-IS
View answer
Correct Answer: A
Question #149
A customer deploys a new wireless network to perform location-based services using Cisco DNA Spaces. The customer has a single WLC located on-premises in a secure data center. The security team does not want to expose the WLC to the public Internet. Which solution allows the customer to securely send RSSI updates to Cisco DNA Spaces?
A. eploy a Cisco DNA Spaces connector as a VM
B. erform tethering with Cisco DNA Center
C. eplace the WLC with a cloud-based controller
D. mplement Cisco Mobility Services Engine
View answer
Correct Answer: A
Question #150
Which two GRE features are configured to prevent fragmentation? (Choose two.)
A. TCP window size
B. IP MTU
C. TCP MSS
D. DF bit clear
E. MTU ignore
View answer
Correct Answer: BC
Question #151
Which two solutions are used for backing up a Cisco DNA Center Assurance database? (Choose two.)
A. he subnet mask is different between the two interfaces
B. he interface of R3 is not operational
C. he wrong type of cable is connected between the two interfaces
D. P CEF is disabled on R3
View answer
Correct Answer: BC
Question #152
Refer to the exhibit. Which two facts does the device output confirm? (Choose two.)
A. atch
B. ipole
C. mnidirectional
D. agi
View answer
Correct Answer: DE
Question #153
What is the correct EBGP path attribute list, ordered from most preferred to least preferred, that the BGP best-path algorithm uses?
A. local preference, weight, AS path, MED
B. weight, local preference, AS path, MED
C. weight, AS path, local preference, MED
D. local preference, weight, MED, AS path
View answer
Correct Answer: B
Question #154
An engineer must create a new SSID on a Cisco 9800 wireless LAN controller. The client has asked to use a pre-shared key for authentication. Which profile must the engineer edit to achieve this requirement?
A. olicy
B. F
C. lex
D. LAN
View answer
Correct Answer: D
Question #155
Which action is a function of VTEP in VXLAN?
A. tunneling traffic from IPv6 to IPv4 VXLANs
B. allowing encrypted communication on the local VXLAN Ethernet segment
C. encapsulating and de-encapsulating VXLAN Ethernet frames
D. tunneling traffic from IPv4 to IPv6 VXLANs
View answer
Correct Answer: C
Question #156
Refer to the exhibit. Which command is required to verify NETCONF capability reply messages?
A. how netconf rpc-reply
B. how netconf | section rpc-reply
C. how netconf schema | section rpc-reply
D. how netconf xml rpc-reply
View answer
Correct Answer: C
Question #157
An engineer must configure a multicast UDP jitter operation. Which configuration should be applied?
A. outer(config)#ip sla 1 Router(config)#udp-jitter 192
B. outer(config)#ip sla 1 Router(config)#udp jitter 239
C. outer(config)#ip sla 1 Router(config)#udp-jitter 192
D. outer(config)#ip sla 1 Router(config)#udp jitter 10
View answer
Correct Answer: B
Question #158
An engineer configures a WLAN with fast transition enabled. Some legacy clients fail to connect to this WLAN. Which feature allows the legacy clients to connect while still allowing other clients to use fast transition based on their OUIs?
A. over the DS
B. 802
C. adaptive R
D. 802
View answer
Correct Answer: C
Question #159
Refer to the exhibit. Which command set must be applied on R1 to establish a BGP neighborship with R2 and to allow communication from R1 to reach the networks?
A. ption A
B. ption B
C. ption C
D. ption D
View answer
Correct Answer: B
Question #160
Which statement about agent-based versus agentless configuration management tools is true?
A. Agentless tools use proxy nodes to interface with slave nodes
B. Agentless tools require no messaging systems between master and slaves
C. Agent-based tools do not require a high-level language interpreter such as Python or Ruby on slave nodes
D. Agent-based tools do not require installation of additional software packages on the slave nodes
View answer
Correct Answer: B
Question #161
A network engineer is configuring Flexible NetFlow and enters these commands. sampler NetFlow1 mode random one-out-of 100 interface fastethernet 1/0 flow-sampler NetFlow1What are two results of implementing this feature instead of traditional NetFlow? (Choose two.)
A. nder the interface
B. nder the flow record
C. nder the flow monitor
D. nder the flow exporter
View answer
Correct Answer: BC
Question #162
What mechanism does PIM use to forward multicast traffic?
A. n ACL applied inbound on loopback0 of R2 is dropping the traffic
B. he loopback on R3 is in a shutdown state
C. edistribution of connected routes into OSPF is not configured
D. n ACL applied inbound on fa0/1 of R3 is dropping the traffic
View answer
Correct Answer: A
Question #163
Which A record type should be configured for access points to resolve the IP address of @ wireless LAN controller using ONS?
A. ISCO
B. ISCO
C. ISCO-CONTROLLER localdomain
D. ISCO-CAPWAP-CONTROLLER
View answer
Correct Answer: D
Question #164
An engineer is configuring local web authentication on a WLAN. The engineer chooses the Authentication radio button under the Layer 3 Security options for Web Policy.Which device presents the web authentication for the WLAN?
A. SE server
B. ADIUS server
C. nchor WLC
D. ocal WLC
View answer
Correct Answer: D
Question #165
An engineer configures a WLAN with fast transition enabled. Some legacy clients fail to connect to this WLAN. Which feature allows the legacy clients to connect while still allowing other clients to use fast transition based on their OUIs?
A. over the DS
B. 802
C. adaptive R
D. 802
View answer
Correct Answer: C
Question #166
DRAG DROP (Drag and Drop is not supported)Drag and drop the REST API authentication methods from the left onto their descriptions on the right.Select and Place:
A. ee Explanation section for answer
View answer
Correct Answer: A
Question #167
Which controller is the single plane of management for Cisco SD-WAN?
A. Bond
B. Smart
C. Manage
D. Edge
View answer
Correct Answer: C
Question #168
Which QoS queuing method transmits packets out of the interface in the order the packets arrive?
A. ustom
B. eighted-fair
C. IFO
D. riority
View answer
Correct Answer: C
Question #169
Refer to the exhibit. Which configuration establishes EBGP neighborship between these two directly connected neighbors and exchanges the loopback network of the two routers through BGP?
A. 1(config)#router bgp 1 R1(config-router)#neighbor 192
B. 1(config)#router bgp 1 R1(config-router)#neighbor 10
C. 1(config)#router bgp 1 R1(config-router)#neighbor 192
D. 1(config)#router bgp 1 R1(config-router)#neighbor 10
View answer
Correct Answer: A
Question #170
What is the role of the RP in PIM sparse mode?
A. The RP responds to the PIM join messages with the source of requested multicast group
B. The RP maintains default aging timeouts for all multicast streams requested by the receivers
C. The RP acts as a control-plane node and does not receive or forward multicast packets
D. The RP is the multicast that is the root of the PIM-SM shared multicast distribution tree
View answer
Correct Answer: D
Question #171
A client device roams between access points located on different floors in an atrium. The access points joined to the same controller and configuration in local mode. The access points are in different IP addresses, but the client VLAN in the group same. What type of roam occurs?
A. inter-controller
B. inter-subnet
C. intra-VLAN
D. intra-controller
View answer
Correct Answer: D
Question #172
Refer to the exhibit. Traffic is not passing between SW1 and SW2. Which action fixes the issue?
A. onfigure switch port mode to ISL on S2
B. onfigure LACP mode on S1 to active
C. onfigure PAgP mode on S1 to desirable
D. onfigure LACP mode on S1 to passive
View answer
Correct Answer: C
Question #173
Which activity requires access to Cisco DNA Center CLI?
A. rovisioning a wireless LAN controller
B. reating a configuration template
C. pgrading the Cisco DNA Center software
D. raceful shutdown of Cisco DNA Center
View answer
Correct Answer: D
Question #174
What are two reasons why broadcast radiation is caused in the virtual machine environment? (Choose two.)
A. TR
B. R
C. TR
D. S
View answer
Correct Answer: BC
Question #175
Refer to the exhibit. An engineer attempts to configure a router on a stick to route packets between Clients, Servers, and Printers; however, initial tests show that this configuration is not working. Which command set resolves this issue?
A. t enables HSRP to elect another switch in the group as the active HSRP switch
B. t ensures fast failover in the case of link failure
C. t enables data forwarding along known routes following a switchover, while the routing protocol reconverges
D. t enables HSRP to failover to the standby RP on the same device
View answer
Correct Answer: C
Question #176
Refer to the exhibit. An engineer entered the command no spanning-tree bpduguard enable on interface Fa1/0/7. What is the effect of this command onFa1/0/7?
A. t remains in err-disabled state until the errdisable recovery cause failed-port-state command is entered in the global configuration mode
B. t remains in err-disabled state until the no shutdown command is entered in the interface configuration mode
C. t remains in err-disabled state until the shutdown/no shutdown command is entered in the interface configuration mode
D. t remains in err-disabled state until the spanning-tree portfast bpduguard disable command is entered in the interface configuration mode
View answer
Correct Answer: C
Question #177
What is the role of a fusion router in an SD-Access solution?
A. acts as a DNS server
B. provides additional forwarding capacity to the fabric
C. performs route leaking between user-defined virtual networks and shared services
D. provides connectivity to external networks
View answer
Correct Answer: C
Question #178
A network administrator is preparing a Python script to configure a Cisco IOS XE-based device on the network. The administrator is worried that colleagues will make changes to the device while the script is running. Which operation of the client manager in prevent colleague making changes to the device while the script is running?
A. m
B. m
C. m
D. m
View answer
Correct Answer: B
Question #179
Refer to the exhibit. All switches are configured with the default port priority value. Which two commands ensure that traffic from PC1 is forwarded over the Gi1/3 trunk port between DSW1 and DSW2? (Choose two.)
A. obility MAC on the 5520 cluster
B. obility MAC on the 9800 WLC
C. ew mobility on the 5520 cluster
D. ew mobility on the 9800 WLC
View answer
Correct Answer: AE
Question #180
Which two security features are available when implementing NTP? (Choose two.)
A. he EIGRP metric is calculated based on bandwidth only
B. he EIGRP metric is calculated based on delay only
C. he EIGRP metric is calculated based on bandwidth and delay
D. he EIGRP metric is calculated based on hop count and bandwidth
View answer
Correct Answer: AE
Question #181
Which feature is supported by EIGRP but is not supported by OSPF?
A. oute filtering
B. nequal-cost load balancing
C. oute summarization
D. qual-cost load balancing
View answer
Correct Answer: B
Question #182
An engineer must create an EEM script to enable OSPF debugging in the event the OSPF neighborship goes down. Which script must the engineer apply?
A. vent manager applet ENABLE_OSPF_DEBUG event syslog pattern “%OSPF-5-ADJCHG: Process 6, Nbr 1
B. vent manager applet ENABLE_OSPF_DEBUG event syslog pattern “%OSPF-5-ADJCHG: Process 5, Nbr 1
C. vent manager applet ENABLE_OSPF_DEBUG event syslog pattern “%OSPF-1-ADJCHG: Process 5, Nbr 1
D. vent manager applet ENABLE_OSPF_DEBUG event syslog pattern “%OSPF-5-ADJCHG: Process 5, Nbr 1
View answer
Correct Answer: A
Question #183
Which component handles the orchestration plane of the Cisco SD-WAN?
A. vBond
B. vSmart
C. vManage
D. vEdge
View answer
Correct Answer: A
Question #184
Which IP SLA operation requires the IP SLA responder to be configured on the remote end?
A. UDP jitter
B. ICMP jitter
C. TCP connect
D. ICMP echo
View answer
Correct Answer: A
Question #185
Which statement about multicast RPs is true?
A. RPs are required only when using protocol independent multicast dense mode
B. RPs are required for protocol independent multicast sparse mode and dense mode
C. By default, the RP is needed periodically to maintain sessions with sources and receivers
D. By default, the RP is needed only to start new sessions with sources and receivers
View answer
Correct Answer: D
Question #186
Which measurement is used from a post wireless survey to depict the cell edge of the access points?
A. NR
B. oise
C. SSI
D. CI
View answer
Correct Answer: C
Question #187
In a Cisco SD-Access wireless architecture, which device manages endpoint ID to edge node bindings?
A. abric control plane node
B. abric wireless controller
C. abric border node
D. abric edge node
View answer
Correct Answer: A
Question #188
When a wireless client roams between two different wireless controllers, a network connectivity outage is experienced for a period of time.Which configuration issue would cause this problem?
A. ot all of the controllers in the mobility group are using the same mobility group name
B. ot all of the controllers within the mobility group are using the same virtual interface IP address
C. ll of the controllers within the mobility group are using the same virtual interface IP address
D. ll of the controllers in the mobility group are using the same mobility group name
View answer
Correct Answer: B
Question #189
DRAG DROP (Drag and Drop is not supported)An engineer creates the configuration below. Drag and drop the authentication methods from the left into the order of priority on the right. Not all options are used.R1#sh run | i aaaaaa new-modelaaa authentication login default group ACE group AAA_RADIUS local-case aaa session-id commonR1#Select and Place:
A. ee Explanation section for answer
View answer
Correct Answer: A
Question #190
What is the structure of a JSON web token?
A. hree parts separated by dots: header, payload, and signature
B. hree parts separated by dots: version, header, and signature
C. eader and payload
D. ayload and signature
View answer
Correct Answer: A
Question #191
Which two operational modes enable an AP to scan one or more wireless channels for rogue access points and at the same time provide wireless services to clients? (Choose two.)
A. witchport no negotiate
B. o switchport
C. witchport mode dynamic desirable
D. witchport mode access
View answer
Correct Answer: CE
Question #192
What is an advantage of utilizing data models in a multivendor environment?
A. owering CPU load incurred to managed devices
B. mproving communication security with binary encoded protocols
C. acilitating a unified approach to configuration and management
D. emoving the distinction between configuration and runtime state data
View answer
Correct Answer: C
Question #193
Refer to the exhibit. An engineer configures a new HSRP group. While reviewing the HSRP status, the engineer sees the logging message generated on R2.What is the cause of the message?
A. he HSRP configuration has caused a routing loop
B. he same virtual IP address has been configured for two HSRP groups
C. PC is on the network using the IP address 10
D. he HSRP configuration has caused a spanning-tree loop
View answer
Correct Answer: B
Question #194
Which entity is responsible for maintaining Layer 2 isolation between segments in a VXLAN environment?
A. NID
B. witch fabric
C. TEP
D. ost switch
View answer
Correct Answer: A
Question #195
What is fact about Cisco SD-access wireless network infrastructure deployments?
A. The access point is part of the fabric overlay
B. The wireless client is part of the fabric overlay
C. The access point is part of the fabric underlay
D. The WLC is part of the fabric underlay
View answer
Correct Answer: A
Question #196
Refer to the exhibit. An engineer is configuring an EtherChannel between Switch1 and Switch2 and notices the console message on Switch2. Based on the output, which action resolves this issue?
A. onfigure more member ports on Switch1
B. onfigure less member ports on Switch2
C. onfigure the same port channel interface number on both switches
D. onfigure the same EtherChannel protocol on both switches
View answer
Correct Answer: D
Question #197
Refer to the exhibit. PC-1 must access the web server on port 8080. To allow this traffic, which statement must be added to an access control list that is applied onSW2 port G0/0 in the inbound direction?
A. ermit tcp host 172
B. ermit tcp host 192
C. ermit tcp host 192
D. ermit tcp host 192
View answer
Correct Answer: C
Question #198
Refer to the exhibit. Which two commands are needed to allow for full reachability between AS 1000 and AS 2000? (Choose two.)
A. nterface Vlan10 no ip vrf forwarding Clients ! interface Vlan20 no ip vrf forwarding Servers ! interface Vlan30 no ip vrf forwarding Printers
B. outer eigrp 1 network 10
C. nterface Vlan10 no ip vrf forwarding Clients ip address 192
D. outer eigrp 1 network 10
View answer
Correct Answer: AC
Question #199
Which definition describes JWT in regard to REST API security?
A. n encrypted JSON token that is used for authentication
B. n encrypted JSON token that is used for authorization
C. n encoded JSON token that is used to securely exchange information
D. n encoded JSON token that is used for authentication
View answer
Correct Answer: D
Question #200
DRAG DROP (Drag and Drop is not supported)Drag and drop the characteristics from the left onto the orchestration tools that they describe on the right.Select and Place:
A. ee Explanation section for answer
View answer
Correct Answer: A
Question #201
Which component of the Cisco Cyber Threat Defense solution provides user and flow context analysis?
A. isco Firepower and FireSIGHT
B. isco Stealthwatch system
C. dvanced Malware Protection
D. isco Web Security Appliance
View answer
Correct Answer: B
Question #202
Which two steps are required for a complete Cisco DNA Center upgrade? (Choose two.)
A. automation backup
B. system update
C. golden image selection
D. proxy configuration
E. application updates?
View answer
Correct Answer: BE
Question #203
Which statement about VXLAN is true?
A. VXLAN encapsulates a Layer 2 frame in an IP-UDP header, which allows Layer 2 adjacency across router boundaries
B. VXLAN uses the Spanning Tree Protocol for loop prevention
C. VXLAN extends the Layer 2 Segment ID field to 24-bits, which allows up to 4094 unique Layer 2 segments over the same network
D. VXLAN uses TCP as the transport protocol over the physical data center network
View answer
Correct Answer: A
Question #204
In OSPF, which LSA type is responsible for pointing to the ASBR router?
A. ype 1
B. ype 2
C. ype 3
D. ype 4
View answer
Correct Answer: D
Question #205
What does this EEM applet event accomplish?"event snmp oid 1.3.6.1.3.7.6.5.3.9.3.8.7 get-type next entry-op gt entry-val 75 poll-interval 5"
A. pon the value reaching 75%, a SNMP event is generated and sent to the trap server
B. t reads an SNMP variable, and when the value exceeds 75%, it triggers an action
C. t issues email when the value is greater than 75% for five polling cycles
D. t presents a SNMP variable that can be interrogated
View answer
Correct Answer: B
Question #206
Which two GRE features are configured to prevent fragmentation? (Choose two.)
A. TCP window size
B. IP MTU
C. TCP MSS
D. DF bit clear
E. MTU ignore
View answer
Correct Answer: BC
Question #207
Which command set configures RSPAN to capture outgoing traffic from VLAN 3 on interface GigabitEthernet 0/3 while ignoring other VLAN traffic on the same interface?
A. onitor session 2 source interface gigabitethernet0/3 rx monitor session 2 filter vlan 3
B. onitor session 2 source interface gigabitethernet0/3 rx monitor session 2 filter vlan 1 - 2, 4 - 4094
C. onitor session 2 source interface gigabitethernet0/3 tx monitor session 2 filter vlan 3
D. onitor session 2 source interface gigabitethernet0/3 tx monitor session 2 filter vlan 1- 2, 4 - 4094
View answer
Correct Answer: C
Question #208
Refer to the exhibit. An engineer must establish eBGP peering between router R3 and router R4. Both routers should use their loopback interfaces as the BGP router ID.Which configuration set accomplishes this task?
A. 3(config)#router bgp 200 R3(config-router)#neighbor 10
B. 3(config)#router bgp 200 R3(config-router)#neighbor 10
C. 3(config)#router bgp 200 R3(config-router)#neighbor 10
D. 3(config)#router bgp 200 R3(config-router)#neighbor 10
View answer
Correct Answer: D
Question #209
Refer to the exhibit. Which set of commands is required to configure and verify the VRF for Site 1 Network A on router R1?
A. 1#ip routing R1#(config)#ip vrf 100 R1#(config-vrf)#rd 100:1 R1#(config-vrf)# address family ipv4 ! R1(config)#interface Gi0/2 R1(config-if)#ip address 10
B. 1#ip routing R1#(config)#ip vrf 100 ! R1(config)#interface Gi0/2 R1(config-if)#ip address 10
C. 1#ip routing R1#(config)#ip vrf 100 ! R1(config)#interface Gi0/2 R1(config-if)#ip vrf forwarding 100 R1(config-if)#ip address 10
D. 1#ip routing R1#(config)#ip vrf 100 ! R1(config)#interface Gi0/2 R1(config-if)#ip address 10
View answer
Correct Answer: C

View Answers after Submission

Please submit your email and WhatsApp to get the answers of questions.

Note: Please make sure your email ID and Whatsapp are valid so that you can get the correct exam results.

Email:
Whatsapp/phone number: